Riana Pfefferkorn is the Associate Director of Surveillance and Cybersecurity at the Stanford Center for Internet and Society. Her work, made possible through funding from the Stanford Cyber Initiative, focuses on investigating and analyzing the U.S. government's policy and practices for forcing decryption and/or influencing crypto-related design of online platforms and services, devices, and products, both via technical means and through the courts and legislatures. Riana also researches the benefits and detriments of strong encryption on free expression, political engagement, economic development, and other public interests.

Prior to joining Stanford, Riana was an associate in the Internet Strategy & Litigation group at the law firm of Wilson Sonsini Goodrich & Rosati, where she worked on litigation and counseling matters involving online privacy, Internet intermediary liability, consumer protection, copyright, trademark, and trade secrets and was actively involved in the firm's pro bono program. Before that, Riana clerked for the Honorable Bruce J. McGiverin of the U.S. District Court for the District of Puerto Rico. She also interned during law school for the Honorable Stephen Reinhardt of the U.S. Court of Appeals for the Ninth Circuit. Riana earned her law degree from the University of Washington School of Law and her undergraduate degree from Whitman College.

Today was the deadline for the public to submit comments on the Australian government's draft Assistance and Access Bill 2018. The proposed legislation drew sharp criticism from numerous tech companies and civil society groups, in Australia and elsewhere, for the threats it poses to computer security, human rights, due process, and transparency.

Pages

Encryption helps human rights workers, activists, journalists, financial institutions, innovative businesses, and governments protect the confidentiality, integrity, and economic value of their activities. However, strong encryption may mean that governments cannot make sense of data they would otherwise be able to lawfully access in a criminal or intelligence investigation.

Arguing that if the court should not compel Apple to create software to enable unlocking and search of the San Bernardino shooter’s iPhone, it will jeopardize digital and personal security more generally.

Motion to unseal the docket and court's legal reasoning in a sealed case wherein the Department of Justice allegedly sought to compel Facebook to comply with a wiretap order for Facebook's end-to-end encrypted voice calling app, Messenger.

Supplemental comments submitted to Australia's Parliamentary Joint Committee on Intelligence and Security (PJCIS) on the revised draft (20 September 2018 version) of the Telecommunication & Other Legislation Amendment (Assistance & Access) Bill 2018, in advance of testimony during the PJCIS's 16 November 2018 hearing on the Bill.

Comments submitted to the Parliamentary Joint Committee on Intelligence and Security (PJCIS) of the Australian Parliament on the revised draft (20 September 2018 version) of the Telecommunication & Other Legislation Amendment (Assistance & Access) Bill 2018.

Pages

"Even Riana Pfefferkorn—a cryptography expert and attorney at Stanford Law School who submitted formal October 2018 testimony to the Australian parliament arguing against the law—doesn't know what is meant exactly by "systemic weakness."

"Nobody knows!" she said, while laughing for a brief moment. "Whenever you open up a vulnerability in a piece of software or a piece of hardware, it's going to have consequences that are unforeseeable.""

"“What kinds of criminals mask their location, and for what kinds of crimes? Child pornography, yes; violent threats, yes; but also organized-crime rings engaged in cybercrime. A business email compromise scam, like those at issue in these warrants, falls squarely in that camp,” Riana Pfefferkorn, associate director of surveillance and cybersecurity at the Stanford Center for Internet and Society, told Motherboard in an online chat after reviewing the documents."

""This case adds to the disagreement over how to analyze compelled decryption orders in the context of passcodes," said Riana Pfefferkorn, associate director of surveillance and cybersecurity at the Stanford Center for Internet and Society, in an email to The Register."

News of governments such as Russia and North Korea deploying their tech teams to hack into companies for political reasons has made headlines (think Sony after release of the movie The Interview). But what about when the U.S. government “hacks” to get around security measures designed to protect consumers?

On December 1, 2016, significant and controversial changes to Federal Rule of Criminal Procedure 41 are scheduled go into effect. Today, Rule 41 prohibits a federal judge from issuing a search warrant outside of the judge’s district, with some exceptions.Traditionally, federal judges may only issue warrants that will be executed within their own districts. The revised Rule 41 would permit judges to issue search and seizure warrants for computers outside their jurisdictions, in two circumstances: if the computer’s true location has been hidden through technological means (such as Tor), or, in a computer-hacking investigation under the CFAA, if the affected computers are located in five or more districts.

Stanford CIS brings together scholars, academics, legislators, students, programmers, security researchers, and scientists to study the interaction of new technologies and the law and to examine how the synergy between the two can either promote or harm public goods like free speech, innovation, privacy, public commons, diversity, and scientific inquiry. Come hear CIS Directors Jennifer Granick + Daphne Keller and Resident Fellows Riana Pfefferkorn + Luiz Fernando Marrey Moncau talk about our work, and the assistance CIS provides to students in learning about these issues, selecting courses, identifying job opportunities, and making professional connections.

To celebrate the one-year anniversary of the Stanford Cryptography Policy Project, we are holding an afternoon event highlighting our research and accomplishments over the past year. As our keynote speakers, it is our pleasure to welcome the Honorable Stephen W. Smith, Magistrate Judge of the Southern District of Texas, and Paul S. Grewal, former Magistrate Judge of the Northern District of California.

Riana Pfefferkorn is a digital security expert and Cryptography Fellow at the Stanford Center for Internet and Society. She says that we are living in the “Golden Age of Surveillance,” in which the growing ubiquity of data-rich smart devices has produced a fundamental tension between the rights of users to protect their personal data and the needs of law enforcement to investigate or prevent serious crimes.

Widespread availability of advanced encryption technology has improved security for consumers and businesses, though some in law enforcement have voiced concerns that it limits their ability to prevent terrorism and prosecute crimes.